Why measurement is key to driving improvement in software security

By Paco Hope, member of (ISC)²'s Application Security Advisory Board, and Principal Consultant with Cigital

We recognise that insecure software is a major cause of security breaches; we as security professionals even know what to do to address the problem, but ironically, not many organisations are actually taking the necessary measures.

The Building Security in Maturity Model (BSIMM, http://bsimm.com), an observational model built from real-world software security initiatives, is evidence of...

By ISC2, 06 March 2014. Categories: Security, Testing.

Security for developers: From web hosting to the cloud

Bola Rotibi, member of the (ISC)² Application Security Advisory Board and Research Director at Creative Intellect Consulting Ltd

As a web developer you get used to being the first point of contact when something goes awry with a website that you’ve worked on. It is understandable that people see something is wrong and then need to call someone to get it addressed as quickly as possible. What is often lost on clients is the importance of their website hosting and the interdependence between developers...

By ISC2, 17 October 2013. Categories: Cloud, Development Tools, Security.